You are here

function _cas_single_sign_out_check in CAS 6.2

Same name and namespace in other branches
  1. 5.4 cas.module \_cas_single_sign_out_check()
  2. 5.3 cas.module \_cas_single_sign_out_check()
  3. 6.3 cas.module \_cas_single_sign_out_check()
  4. 7 cas.module \_cas_single_sign_out_check()
1 call to _cas_single_sign_out_check()
cas_init in ./cas.module
Implementation of hook_init Traps a page load to see if authentication is required.

File

./cas.module, line 1236

Code

function _cas_single_sign_out_check() {
  if (variable_get('cas_signout', FALSE) && array_key_exists("logoutRequest", $_POST)) {
    $cas_logout_request_xml_string = utf8_encode($_POST["logoutRequest"]);

    // it's important!
    if ($cas_logout_request_xml = domxml_open_mem($cas_logout_request_xml_string)) {
      $cas_session_indexes = $cas_logout_request_xml
        ->get_elements_by_tagname("SessionIndex");
      if ($cas_session_indexes[0] != NULL) {
        $cas_session_index = $cas_session_indexes[0]
          ->get_content();

        // Log them out now.
        // first lets find out who we want to log off
        $result = db_query_range("SELECT cld.uid FROM {cas_login_data} cld WHERE cld.cas_session_id = '%s'", $cas_session_index, 0, 1);
        if ($result !== FALSE) {
          while ($cas_login_data = db_fetch_object($result)) {
            $uid = $cas_login_data->uid;

            // remove all entry for user id in cas_login_data
            db_query("DELETE FROM {cas_login_data} WHERE uid = %d", $uid);

            // remove their session
            db_query("DELETE FROM {sessions} WHERE uid = %d", $uid);
          }
        }
      }
    }
  }
}